Internet Engineering Task Force H. Stenn Internet-Draft D. Mills Intended status: Standards Track P. Prindeville Expires: January 3, 2019 Network Time Foundation July 2, 2018 Network Time Protocol: Secure Network Time draft-stenn-ntp-secure-network-time-00 Abstract The proposal specifies a means for NTP instances that can establish a TCP connection between themselves to create secure ephemeral keys. With the known weaknesses of the public-key security protocol, Autokey, which is defined by RFC 5906 [RFC5906], a replacement for Autokey that supports at least Client/Server and Symmetric modes must be provided. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on January 3, 2019. Copyright Notice Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of Stenn, et al. Expires January 3, 2019 [Page 1] Internet-Draft Network Time Protocol Secure Network Time July 2018 the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 2 2. Secure Network Time . . . . . . . . . . . . . . . . . . . . . 3 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 4. Security Considerations . . . . . . . . . . . . . . . . . . . 3 5. Normative References . . . . . . . . . . . . . . . . . . . . 3 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction From almost the beginning, NTP has provided a mechanism to authenticate an NTP packet. To date, that mechanism is a Message Authentication Code, or MAC. The MAC is comprised of two subfields, a 32-bit keyID and a signature. A keyID with a value between 1 and 65535, inclusive, is a symmetric key. A keyID with a value greater than 65535 is not provided by the symmetric key file, and has traditionally been negotiated ephemerally, with Autokey, defined by RFC 5906 [RFC5906], being one example. The mechanism by which keys are exchanged between NTP instance can be thought of as a black-box exchange. One of these black-box key exchange mechanisms is "the way the ntp.keys file containing symmetric keys is distributed." Another way keys have been exchaned is via Autokey. This Secure Network Time proposal uses the NTP TCP Services mechanism to perform key exchange, follwed by negotiation of a keyID, a hash algorithm, and a secret key over a TLS connection. Once this has been done, each participant can use the keyID, hash algorithm, and secret key to provide MAC protection for NTP packets, using ephemeral keys that can be re-negotiated as-needed. Should additional security measures be desired, for example using a cookie as additional replay prevention, that can be easily provided. 1.1. Requirements Language The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. Stenn, et al. Expires January 3, 2019 [Page 2] Internet-Draft Network Time Protocol Secure Network Time July 2018 2. Secure Network Time Secure Network Time uses "NTP TCP Services" to perform key exchange over a TLS connection, followed by an agreement on a keyID, hash algorithm, and a secret. With the secure communication of a keyID, a cryptographically strong hash algorithm, and a secret of sufficient strength, we have an ephemeral key exchange mechanism that provides MAC authentication for NTP packets. 3. IANA Considerations TBD 4. Security Considerations Additional information TBD 5. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC5905] Mills, D., Martin, J., Ed., Burbank, J., and W. Kasch, "Network Time Protocol Version 4: Protocol and Algorithms Specification", RFC 5905, DOI 10.17487/RFC5905, June 2010, . [RFC5906] Haberman, B., Ed. and D. Mills, "Network Time Protocol Version 4: Autokey Specification", RFC 5906, DOI 10.17487/RFC5906, June 2010, . Authors' Addresses Harlan Stenn Network Time Foundation P.O. Box 918 Talent, OR 97540 US Email: stenn@nwtime.org Stenn, et al. Expires January 3, 2019 [Page 3] Internet-Draft Network Time Protocol Secure Network Time July 2018 David L. Mills Network Time Foundation P.O. Box 918 Talent, OR 97540 US Email: mills@udel.edu Philip Prindeville Network Time Foundation P.O. Box 918 Talent, OR 97540 US Email: prindeville@ntp.org Stenn, et al. Expires January 3, 2019 [Page 4]